'Real ID' Act Could Help ID Thieves
Security experts have expressed dismay about new legislation that will usher in the nation's first national ID system-citing a lack of confidence in the government's ability to employ the technology in such a way as to prevent citizens from being preyed upon by identity thieves.
The Real ID Act of 2005, added on to the $82 billion Emergency Supplemental Appropriations bill, was passed by the House of Representatives on Thursday and is expected to be passed by the Senate next week.
The act was pushed through without hearings or deliberation, over the objections of a coalition of 12 Democratic senators who decried it as a sweeping anti-immigration bill.
Beyond issues of civil liberties, what's disturbing about the imminent passage of the Real ID Act from a technological point of view is that it's being done in spite of the growing popularity of state RMVs (Registries of Motor Vehicles) as targets for identity thieves, experts say.
"My feeling is there's a tremendous amount of activity going on right now around data theft," said Jon Oltsik, an analyst with Enterprise Strategies Group. "The stuff we hear about in the news is dwarfed by the stuff we don't hear about, because people bury it, because they don't want to disclose it. They're praying nothing happens."
The bill dictates that all states collect, at a minimum, personal information from citizens in order to obtain a driver's license, including name, date of birth, gender, driver's license or identification card number, digital photograph, address and signature.
Whereas collection of this particular information is not new, the linkage of states' databases is. The bill specifies that states link what are at present discrete databases, creating, in effect, one nationwide database with personal information pertaining to all citizens.
Even with states' currently discrete, disconnected databases, thieves increasingly have turned their attention to RMVs.
In March, thieves rammed a car through the back wall of a DMV near Las Vegas and stole computer equipment containing personal information on more than 8,900 people. Police in the past month have arrested DMV examiners in Florida and Maryland for selling fake driver's licenses.
Meanwhile, personal information for thousands of Americans has been compromised through the recent rash of scandals around what were considered secure databases residing with data brokers ChoicePoint and Lexis Nexis.